search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
748 stars 727 forks source link

Better to return tokenBindingId as cnf in the jwt token for client-request binding type #19331

Open VivekVinushanth opened 9 months ago

VivekVinushanth commented 9 months ago

Is your suggestion related to an experience ? Please describe.

With this change, for the client-request token binding type, users will be able to obtain the tokenBindingId value they have sent in the token request. Though the JWT token returns a tokenBinding reference which is a hashed value, for this binding type, applications might be interested in knowing the value itself.

Describe the improvement Return tokenBindingId as CNF in the jwt token for client-request binding type

Additional context

VivekVinushanth commented 9 months ago

Being fixed with

VivekVinushanth commented 9 months ago

Need to consider Introspection as well.